Course description
This course narrows in on how to identify threats both external and internal. Perhaps one of the employees of the business uses a very weak password and this is a security threat that a dictionary attack tool can rapidly find. It then covers how to gain information or "footprinting" on a target of ethical hacking. It shows how to scan and also to mitigate scans to acquire information about weak points and then explains diagramming your system from a hacking perspective. This course is part of a series covering EC-Council's Certified Ethical Hacker (CEH).
Prerequisites
To get the most out of this course, this course assumes that you have a good working knowledge of Linux and Windows based networking environments. It also assumes that you have experience with managing a network, have worked with networking hardware such as switches & routers, are familiar with MS Active Directory (AD) Domain based authentication, know how to work with command-line utilities, and understand the basics of Web Server environments.
Many of the demonstrations in this course use the Windows 7 and Kali Linux operating systems which can be downloaded free from the respective sites. All of the demonstrations are created in a virtual environment using Oracle VirtualBox and VMware vSphere 6.
Learning Paths
This course will help you prepare for the following certification and exam:
Certified Ethical Hacker
312-50: Certified Ethical Hacker
Meet the expert
Rafiq Wayani has extensive experience including more than 20 years in IT as Systems Architect, Software Engineer, DBA, and Project Manager. Wayani has instructed in a variety of technical areas, has designed and implemented network and information systems, and is certified across a wide range of platforms and systems including Microsoft Solutions Developer, Systems Engineer, Application Developer, Database Administrator, Trainer; Novell Netware Administrator and Engineer; Master Certified Netware Engineer; and A Certified.
Course outline
Scanning
Threats (19:34)
- Introduction (00:25)
- Threats (07:05)
- Demo: Using Google (01:31)
- Internet Searches (01:43)
- Demo: Google Hacking (03:48)
- Demo: Other Databases (04:44)
- Summary (00:15)
Scanning (11:50)
- Introduction (00:22)
- Environment Evaluation (01:23)
- Environment (08:44)
- Demo: Zenmap and NMap (00:58)
- Summary (00:21)
Scanning Demo (15:17)
- Introduction (00:20)
- Mitigate Scans (08:58)
- Honeypot (05:43)
- Summary (00:14)
Enumeration
Enumeration (16:26)
- Introduction (00:23)
- Enumeration (01:53)
- Demo: Enumeration Script (03:10)
- Enumeration Cont. (03:08)
- Demo: PowerShell Enumeration (02:46)
- Protecting Against Enumeration (04:47)
- Summary (00:16)
Enumeration Demo (09:16)
- Introduction (00:21)
- Demo: Enumerating Classes (04:08)
- Demo: Enumeration Tools (04:25)
- Summary (00:20)
System Hacking
System Hacking (13:30)
- Introduction (00:27)
- System Hacking (04:27)
- Hacker Goals (03:08)
- Methods of Attack (05:01)
- Summary (00:25)
System Hacking Demos (14:59)
- Introduction (00:26)
- Demo: Password Attack (04:51)
- Demo: Dictionary Passwords (04:33)
- Demo: NetCat (04:47)
- Summary (00:20)